github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
11,038 Commits 3 Branches 4 Tags
c6f571fc7d09105383314fd60b2a703bd2651128
Commit Graph

1177 Commits

Author SHA1 Message Date
ruiwen-zhao
c6f571fc7d Set grpc code for unimplemented cri-api methods 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-09-22 07:24:48 +00:00
Ed Bartosh
e22a7a3833 reference CDI configuration details 
Signed-off-by: Ed Bartosh <eduard.bartosh@intel.com>
 2022-09-21 11:25:28 +03:00
Samuel Karp
c8010b9cbe sbserver: return resources in ContainerStatus 
Port of b7b1200dd3 to sbserver

Signed-off-by: Samuel Karp <samuelkarp@google.com>
 2022-09-20 18:38:09 -07:00
Phil Estes
a1e4a94694 Merge pull request #7393 from Iceber/skip_verify 
remotes/docker/config: Skipping TLS verification for localhost
 2022-09-19 10:53:56 -04:00
Iceber Gu
3cfde732e1 remotes/docker/config: Skipping TLS verification for localhost 
Signed-off-by: Iceber Gu <wei.cai-nat@daocloud.io>
 2022-09-13 17:40:23 +08:00
Kevin Parsons
de509c0682 Merge pull request #6901 from dcantah/add-wcowhyp-runtime 
windows: Add runhcs-wcow-hypervisor runtimeclass to the default config
 2022-09-08 10:53:12 -07:00
lengrongfu
3c0e6c40ad feat: upgrade registry.k8s.io/pause version 
Signed-off-by: rongfu.leng <1275177125@qq.com>
 2022-09-06 15:59:20 +08:00
Abirdcfly
dcfaa30ba2 chore: remove duplicate word in comments 
Signed-off-by: Abirdcfly Fu <fp544037857@gmail.com>
 2022-08-29 13:05:32 +08:00
Samuel Karp
36d0cfd0fd Merge pull request #6517 from ruiwen-zhao/return-resource 2022-08-24 14:01:30 -07:00
ruiwen-zhao
b7b1200dd3 ContainerStatus to return container resources 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-08-24 19:08:06 +00:00
Paco Xu
9525b3148a migrate from k8s.gcr.io to registry.k8s.io 
Signed-off-by: Paco Xu <paco.xu@daocloud.io>
 2022-08-24 13:46:46 +08:00
Daniel Canter
f0036cb9dc windows: Add runhcs-wcow-hypervisor runtimeclass to the default config 
As part of the effort of getting hypervisor isolated windows container
support working for the CRI entrypoint here, add the runhcs-wcow-hypervisor
handler for the default config. This sets the correct SandboxIsolation
value that the Windows shim uses to differentiate process vs. hypervisor
isolation. This change additionally sets the wcow-process runtime to
passthrough io.microsoft.container* annotations and the hypervisor runtime
to accept io.microsoft.virtualmachine* annotations.

Note that for K8s users this runtime handler will need to be configured by
creating the corresponding RuntimeClass resources on the cluster as it's
not the default runtime.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-08-19 07:56:43 -07:00
Wei Fu
460b0533b2 pkg/cri/streaming: increase ReadHeaderTimeout 
It is follow-up of #7254. This commit will increase ReadHeaderTimeout
from 3s to 30m, which prevent from unexpected timeout when the node is
running with high-load. 30 Minutes is longer enough to get close to
before what #7254 changes.

And ideally, we should allow user to configure the streaming server if
the users want this feature.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-08-18 07:42:12 +08:00
ruiwen-zhao
6e4b6830f1 Update CRI-API 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-08-10 03:55:51 +00:00
Maksym Pavlenko
ca3b9b50fe Run gofmt 1.19 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-08-04 18:18:33 -07:00
Maksym Pavlenko
5cf77fc43d Add TODOs for the remaining work 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-08-04 10:29:15 -07:00
Maksym Pavlenko
aa3303b697 Update sandbox protobuf to match CRI 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-29 16:08:07 -07:00
Maksym Pavlenko
8823224174 Update controller's start response to incldue pid and labels 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-29 16:08:07 -07:00
Maksym Pavlenko
3d028308ef Cleanup CRI files 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-29 16:08:07 -07:00
Maksym Pavlenko
c085fac1e5 Move sandbox start behind controller 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-29 16:08:07 -07:00
Brian Goff
f5fb2c32d2 Regenerate protos with updated protoc-gen-go 
This fixes CI issues

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2022-07-28 16:59:30 +00:00
Fu Wei
116af9d1cc Merge pull request #7207 from zouyee/relabel 
replace with selinux label
 2022-07-28 00:05:31 +08:00
Derek McGowan
6acde90772 Merge pull request #7069 from fuweid/failpoint-in-runc-shimv2 
test: introduce failpoint control to runc-shimv2 and cni
 2022-07-26 23:12:20 -07:00
zounengren
d121efc6d8 replace with selinux label 
Signed-off-by: zounengren <zouyee1989@gmail.com>
 2022-07-24 20:11:16 +08:00
Jeff Widman
050cd58ce6 Drop deprecated ioutil 
`ioutil` has been deprecated by golang. All the code in `ioutil` just
forwards functionality to code in either the `io` or `os` packages.

See https://github.com/golang/go/pull/51961 for more info.

Signed-off-by: Jeff Widman <jeff@jeffwidman.com>
 2022-07-23 08:36:20 -07:00
Maksym Pavlenko
500ff95f02 Make getServicesOpts a helper 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-22 19:38:45 -07:00
Wei Fu
cbebeb9440 pkg/failpoint: add FreeBSD link and update pkg doc 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-07-22 23:25:40 +08:00
Wei Fu
1ae6e8b076 pkg/failpoint: add DelegatedEval API 
Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-07-22 23:25:40 +08:00
Wei Fu
ffd59ba600 pkg/failpoint: init failpoint package 
Failpoint is used to control the fail during API call when testing, especially
the API is complicated like CRI-RunPodSandbox. It can help us to test
the unexpected behavior without mock. The control design is based on freebsd
fail(9), but simpler.

REF: https://www.freebsd.org/cgi/man.cgi?query=fail&sektion=9&apropos=0&manpath=FreeBSD%2B10.0-RELEASE

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-07-22 23:25:40 +08:00
Danielle Lancashire
3125f7e1a0 cri_stats: handle missing cpu stats 
Signed-off-by: Danielle Lancashire <dani@builds.terrible.systems>
 2022-07-22 12:10:24 +00:00
Fu Wei
badb66113c Merge pull request #7189 from zouyee/ctx 2022-07-22 11:09:02 +08:00
Derek McGowan
24aad6dd46 Merge pull request #7182 from HeavenTonight/main 
code cleanup
 2022-07-20 13:09:10 -07:00
zounengren
7dc66eee64 using ContextDialer instead 
Signed-off-by: zounengren <zouyee1989@gmail.com>
 2022-07-20 22:53:42 +08:00
James Sturtevant
0d6881898e Refactor usageNanoCores be to used for all OSes 
Signed-off-by: James Sturtevant <jstur@microsoft.com>
 2022-07-19 16:49:08 -07:00
guiyong.ou
628f6ac681 code cleanup 
Signed-off-by: guiyong.ou <guiyong.ou@daocloud.io>
 2022-07-19 22:46:32 +08:00
Maksym Pavlenko
e69a83f356 Merge pull request #7168 from mxpv/linter 
Update and align golangci-lint version
 2022-07-18 12:23:06 -07:00
Mike Brown
88bcbb0361 adds a comment explaining how to disable experimental sbserver 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2022-07-15 17:00:56 -05:00
Maksym Pavlenko
3a3f43f72f Fix linter warnings 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-15 13:29:04 -07:00
Maksym Pavlenko
98a1b7ff1b Add log messages when choosing CRI server 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-14 09:12:35 -07:00
Maksym Pavlenko
2ba6353316 Change metrics namespace for sandboxed CRI to prevent panic 
panic: duplicate metrics collector registration attempted

Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-13 12:47:13 -07:00
Maksym Pavlenko
b8e93774c1 Enable integration tests against sandboxed CRI 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-13 12:02:06 -07:00
Maksym Pavlenko
cf5df7e4ac Fork CRI server package 
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
 2022-07-13 10:54:59 -07:00
Daniel Canter
bcdc8468f8 Fix out of date comments for CRI store packages 
All of the CRI store related packages all use the standard errdefs
errors now for if a key doesn't or already exists (ErrAlreadyExists,
ErrNotFound), but the comments for the methods still referenced
some unused package specific error definitions. This change just
updates the comments to reflect what errors are actually returned
and adds comments for some previously undocumented exported functions.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-07-11 13:57:39 -07:00
Derek McGowan
aee50aeac2 Merge pull request #7108 from fuweid/refactor-cri-api 
pkg/cri: use marshal wrapper for version convertor
 2022-06-29 13:58:15 -07:00
Wei Fu
c2703c08c9 pkg/cri: use marshal wrapper for version convertor 
Use wrapper for ReopenContainerLog v1alpha proto.

Ref: #5619

Signed-off-by: Wei Fu <fuweid89@gmail.com>
 2022-06-29 22:20:47 +08:00
Kazuyoshi Kato
66cc0fc879 Copy FuzzCRI from cncf/cncf-fuzzing 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-06-27 22:54:25 +00:00
Kazuyoshi Kato
57200edf25 Use testing.F on FuzzParseProcPIDStatus 
Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-06-15 14:56:20 +00:00
wllenyj
42a386c816 CRI: change the /dev/shm mount options in Sandbox. 
All containers except the pause container, mount `/dev/shm" with flags
`nosuid,nodev,noexec`. So change mount options for pause container to
keep consistence.
This also helps to solve issues of failing to mount `/dev/shm` when
pod/container level user namespace is enabled.

Fixes: #6911

Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>
Signed-off-by: Lei Wang <wllenyj@linux.alibaba.com>
 2022-06-14 10:45:06 +08:00
wllenyj
a62a95789c CRI: remove default /dev/shm mount in Sandbox. 
This's an optimization to get rid of redundant `/dev/shm" mounts for pause container.
In `oci.defaultMounts`, there is a default `/dev/shm` mount which is redundant for
pause container.

Fixes: #6911

Signed-off-by: Jiang Liu <gerry@linux.alibaba.com>
Signed-off-by: Lei Wang  <wllenyj@linux.alibaba.com>
 2022-06-14 10:45:06 +08:00
Maksym Pavlenko
e71ffddb6b Merge pull request #7042 from samuelkarp/freebsd-unit-tests 
Port (some) unit tests to FreeBSD
 2022-06-10 15:05:52 -07:00